OpenSSH S/Key Remote Information Disclosure Vulnerability

Bugtraq ID: 23601
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Apr 23 2007 12:00AM
Updated: Apr 23 2007 11:30PM
Credit: Rembrandt disclosed this vulnerability.
Vulnerable: OpenBSD Portable OpenSSH 4.4p1
OpenBSD Portable OpenSSH 4.3p2
OpenBSD Portable OpenSSH 4.3p1
OpenBSD Portable OpenSSH 4.2p1
OpenBSD Portable OpenSSH 4.1p1
OpenBSD Portable OpenSSH 4.0p1
OpenBSD OpenSSH (FreeBSD Port) 2.9 p2
+ FreeBSD FreeBSD 4.4
OpenBSD OpenSSH 3.8.1 p1
OpenBSD OpenSSH 3.0.2 p1
OpenBSD OpenSSH 3.0.2
OpenBSD OpenSSH 3.0.2
OpenBSD OpenSSH 3.0.1 p1
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
OpenBSD OpenSSH 3.0.1
+ FreeBSD FreeBSD 4.4
+ FreeBSD FreeBSD 4.3
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
OpenBSD OpenSSH 3.0 p1
OpenBSD OpenSSH 3.0
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
OpenBSD OpenSSH 2.9 p2
- Caldera OpenLinux Server 3.1
- Caldera OpenLinux Server 3.1
- Caldera OpenLinux Workstation 3.1
- Caldera OpenLinux Workstation 3.1
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0 alpha
OpenBSD OpenSSH 2.9 p1
- Caldera OpenLinux 2.4
- Debian Linux 2.2
- HP HP-UX 11.11
- IBM AIX 4.3.3
- MandrakeSoft Corporate Server 1.0.1
- MandrakeSoft Single Network Firewall 7.2
- Mandriva Linux Mandrake 8.1 ia64
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- Red Hat Linux 6.2
- RedHat Linux 7.1
- RedHat Linux 7.0
- S.u.S.E. Linux 7.1
- S.u.S.E. Linux 7.0
- SCO eDesktop 2.4
- SCO eServer 2.3.1
- SGI IRIX 6.5.9
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
OpenBSD OpenSSH 2.9
+ FreeBSD FreeBSD 4.4
+ OpenBSD OpenBSD 2.9
OpenBSD OpenSSH 2.5.2 p2
+ RedHat Linux 7.0
OpenBSD OpenSSH 2.5.2
OpenBSD OpenSSH 2.3.1 p1
OpenBSD OpenSSH 2.3.1
- OpenBSD OpenBSD 2.8
- OpenBSD OpenBSD 2.7
- OpenBSD OpenBSD 2.6
OpenBSD OpenSSH 2.2 .x
+ Conectiva Linux 6.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ FreeBSD FreeBSD 5.0
+ FreeBSD FreeBSD 4.2
+ FreeBSD FreeBSD 4.1.1
+ HP HP-UX 11.11
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Mandriva Linux Mandrake 7.0
+ NetBSD NetBSD 1.4.2
+ OpenBSD OpenBSD 2.8
+ OpenBSD OpenBSD 2.7
+ RedHat Linux 7.0
+ S.u.S.E. Linux 7.0
+ Sun Solaris 8_sparc
+ Trustix Trustix Secure Linux 1.1
+ Trustix Trustix Secure Linux 1.0
OpenBSD OpenSSH 2.2 .0
OpenBSD OpenSSH 2.1.1 p1
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
OpenBSD OpenSSH 2.1.1
OpenBSD OpenSSH 2.1 .x
OpenBSD OpenSSH 2.1
OpenBSD OpenSSH 1.2.3
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
OpenBSD OpenSSH 1.2
OpenBSD OpenSSH 1.0 .x
OpenBSD OpenSSH 4.6
OpenBSD OpenSSH 4.5
OpenBSD OpenSSH 4.4
OpenBSD OpenSSH 4.3p1
OpenBSD OpenSSH 4.3
OpenBSD OpenSSH 4.2p1
OpenBSD OpenSSH 4.2
OpenBSD OpenSSH 4.1
OpenBSD OpenSSH 4.0
OpenBSD OpenSSH 3.9 p1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus